5f6f60f8c6dbdef0628aa0854498fe07_JaffaCakes118

General

Target

5f6f60f8c6dbdef0628aa0854498fe07_JaffaCakes118
Size

121KB
MD5

5f6f60f8c6dbdef0628aa0854498fe07
SHA1

6577161b8718566cc5036426907c5b10e24569ad
SHA256

84f3105250ab9f6ba06d2bfb48021281e92a759296558140a08980c272c14cd7
SHA512

838aadd7deb1ee428a55d4923817b346c8007321325db9f4416896b3b75d126069c130f42c96bae515bfc4aeb00bee5edad0a08744dc43874d4573ff601609de
SSDEEP

3072:J6SwQ+LF20KJG8guOuASvCfcby+r+RO0gtthkh0hXYmYS:JdX+LY05DdfCHQqttWh0Nr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f6f60f8c6dbdef0628aa0854498fe07_JaffaCakes118

Files

5f6f60f8c6dbdef0628aa0854498fe07_JaffaCakes118
.exe windows:4 windows x86 arch:x86

12df915b6f114bc6de145ffc92d2490c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetLocalTime
CloseHandle
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
SizeofResource
LockResource
LoadResource
FindResourceA
GetModuleHandleA
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
DeleteFileA
SetFileAttributesA
MoveFileA
FreeResource
lstrlenA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
CreateFileA
GetTickCount
GetTempPathA
lstrcpyA
SetLastError
lstrcatA
GetWindowsDirectoryA
HeapFree
GetProcAddress
HeapAlloc
GetProcessHeap
GetLastError
GetCurrentProcess
WinExec
ReadFile
SetFilePointer
GetModuleFileNameA
CreateDirectoryA
GetFileAttributesA
SetUnhandledExceptionFilter
GetCommandLineA
CreateThread
Sleep
LoadLibraryA
FreeLibrary
RaiseException
InterlockedExchange
LocalAlloc
GetStartupInfoA

msvcrt

memcpy
_except_handler3
__CxxFrameHandler
realloc
malloc
strlen
??3@YAXPAX@Z
strstr
strchr
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
fclose
fwrite
??2@YAPAXI@Z
memset
fopen
_strrev

netapi32

NetApiBufferFree
NetUserGetLocalGroups

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12df915b6f114bc6de145ffc92d2490c

Headers

File Characteristics

Imports

kernel32

msvcrt

netapi32

Sections

.text Size: 13KB - Virtual size: 12KB

.rsrc Size: 107KB - Virtual size: 106KB

.text
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 107KB - Virtual size: 106KB